Cisco Cisco Email Security Appliance C160 Références techniques
3-222
CLI Reference Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 3 The Commands: Reference Examples
Policy Enforcement
Batch Command: This command supports a batch format.
Example
In this example, the
scanconfig
command sets these parameters:
•
MIME types of video/*, audio/*, image/* are skipped (not scanned for content).
•
Nested (recursive) archive attachments up to 10 levels are scanned. (The default is 5 levels.)
•
The maximum size for attachments to be scanned is 25 megabytes; anything larger will be skipped.
(The default is 5 megabytes.)
(The default is 5 megabytes.)
•
The document metadata is scannned.
•
Attachment scanning timeout is set at 180 seconds.
•
Attachments that were not scanned are assumed to not match the search pattern. (This is the default
behavior.)
behavior.)
•
ASCII encoding is configured for use when none is specified for plain body text or anything with
MIME type plain/text or plain/html.
MIME type plain/text or plain/html.
Note
When setting the
assume the attachment matches the search pattern
to Y, messages that cannot be
scanned will cause the message filter rule to evaluate to true. This could result in unexpected behavior,
such as the quarantining of messages that do not match a dictionary, but were quarantined because their
content could not be correctly scanned. This setting does not apply to RSA Email DLP scanning.
such as the quarantining of messages that do not match a dictionary, but were quarantined because their
content could not be correctly scanned. This setting does not apply to RSA Email DLP scanning.
mail3.example.com> scanconfig
There are currently 5 attachment type mappings configured to be SKIPPED.
Choose the operation you want to perform:
- NEW - Add a new entry.
- DELETE - Remove an entry.
- SETUP - Configure scanning behavior.
- IMPORT - Load mappings from a file.
- EXPORT - Save mappings to a file.
- PRINT - Display the list.
- CLEAR - Remove all entries.
- SMIME - Configure S/MIME unpacking.
[]> setup
1. Scan only attachments with MIME types or fingerprints in the list.
2. Skip attachments with MIME types or fingerprints in the list.
Choose one:
[2]> 2
Enter the maximum depth of attachment recursion to scan:
[5]> 10
Enter the maximum size of attachment to scan:
[5242880]> 10m
Do you want to scan attachment metadata? [Y]> y
Enter the attachment scanning timeout (in seconds):
[30]> 180
If a message has attachments that were not scanned for any reason (e.g.
because of size, depth limits, or scanning timeout), assume the attachment matches the
search pattern? [N]> n